@azure/identity 3.2.0-alpha.20230411.7 → 3.2.0-alpha.20230414.1

package/dist/index.js

@@ -686,25 +686,6 @@ function parseExpirationTimestamp(body) {
     }
     throw new Error(`Failed to parse token expiration from body. expires_in="${body.expires_in}", expires_on="${body.expires_on}"`);
 }
-/**
- * Given a token response, return the timestamp for refreshing token as the number of milliseconds from the Unix epoch.
- * @param body - A parsed response body from the authentication endpoint.
- */
-function parseRefreshTimestamp(body) {
-    if (typeof body.refresh_in === "number") {
-        return Date.now() + body.refresh_in * 1000;
-    }
-    else {
-        const durationInMilliseconds = parseExpirationTimestamp(body) - Date.now();
-        const durationInHours = Math.floor(durationInMilliseconds / 1000 / 60 / 60);
-        if (durationInHours >= 2) {
-            return Date.now() + durationInMilliseconds / 2;
-        }
-        else {
-            return Date.now() + durationInMilliseconds;
-        }
-    }
-}
 
 // Copyright (c) Microsoft Corporation.
 const noCorrelationId = "noCorrelationId";
@@ -764,7 +745,6 @@ class IdentityClient extends coreClient.ServiceClient {
                     token: parsedBody.access_token,
                     expiresOnTimestamp: parseExpirationTimestamp(parsedBody),
                 },
-                refreshesIn: parseRefreshTimestamp(parsedBody),
                 refreshToken: parsedBody.refresh_token,
             };
             logger$n.info(`IdentityClient: [${request.url}] token acquired, expires on ${token.accessToken.expiresOnTimestamp}`);
@@ -1217,7 +1197,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
      * Attempts to retrieve a token from cache.
      */
     async getTokenSilent(scopes, options) {
-        var _a, _b;
+        var _a, _b, _c;
         await this.getActiveAccount();
         if (!this.account) {
             throw new AuthenticationRequiredError({
@@ -1236,7 +1216,14 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         };
         try {
             this.logger.info("Attempting to acquire token silently");
-            const response = (_b = (await ((_a = this.confidentialApp) === null || _a === void 0 ? void 0 : _a.acquireTokenSilent(silentRequest)))) !== null && _b !== void 0 ? _b : (await this.publicApp.acquireTokenSilent(silentRequest));
+            /**
+             * The following code to retrieve all accounts is done as a workaround in an attempt to force the
+             * refresh of the token cache with the token and the account passed in through the
+             * `authenticationRecord` parameter. See issue - https://github.com/Azure/azure-sdk-for-js/issues/24349#issuecomment-1496715651
+             * This workaround serves as a workoaround for silent authentication not happening when authenticationRecord is passed.
+             */
+            await ((_a = (this.publicApp || this.confidentialApp)) === null || _a === void 0 ? void 0 : _a.getTokenCache().getAllAccounts());
+            const response = (_c = (await ((_b = this.confidentialApp) === null || _b === void 0 ? void 0 : _b.acquireTokenSilent(silentRequest)))) !== null && _c !== void 0 ? _c : (await this.publicApp.acquireTokenSilent(silentRequest));
             return this.handleResult(scopes, this.clientId, response || undefined);
         }
         catch (err) {
@@ -1568,8 +1555,7 @@ const appServiceMsi2017 = {
             // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
             allowInsecureConnection: true }));
         const tokenResponse = await identityClient.sendTokenRequest(request);
-        return ((tokenResponse && Object.assign(Object.assign({}, tokenResponse.accessToken), { refreshesOn: tokenResponse.refreshesIn })) ||
-            null);
+        return (tokenResponse && tokenResponse.accessToken) || null;
     },
 };
 
@@ -1640,8 +1626,7 @@ const cloudShellMsi = {
             // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
             allowInsecureConnection: true }));
         const tokenResponse = await identityClient.sendTokenRequest(request);
-        return ((tokenResponse && Object.assign(Object.assign({}, tokenResponse.accessToken), { refreshesOn: tokenResponse.refreshesIn })) ||
-            null);
+        return (tokenResponse && tokenResponse.accessToken) || null;
     },
 };
 
@@ -1762,8 +1747,7 @@ const imdsMsi = {
             try {
                 const request = coreRestPipeline.createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions$3(scopes, clientId, resourceId)), { allowInsecureConnection: true }));
                 const tokenResponse = await identityClient.sendTokenRequest(request);
-                return ((tokenResponse && Object.assign(Object.assign({}, tokenResponse.accessToken), { refreshesOn: tokenResponse.refreshesIn })) ||
-                    null);
+                return (tokenResponse && tokenResponse.accessToken) || null;
             }
             catch (error) {
                 if (error.statusCode === 404) {
@@ -1884,8 +1868,7 @@ const arcMsi = {
             // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
             allowInsecureConnection: true }));
         const tokenResponse = await identityClient.sendTokenRequest(request);
-        return ((tokenResponse && Object.assign(Object.assign({}, tokenResponse.accessToken), { refreshesOn: tokenResponse.refreshesIn })) ||
-            null);
+        return (tokenResponse && tokenResponse.accessToken) || null;
     },
 };
 
@@ -2175,8 +2158,7 @@ const fabricMsi = {
             rejectUnauthorized: false,
         });
         const tokenResponse = await identityClient.sendTokenRequest(request);
-        return ((tokenResponse && Object.assign(Object.assign({}, tokenResponse.accessToken), { refreshesOn: tokenResponse.refreshesIn })) ||
-            null);
+        return (tokenResponse && tokenResponse.accessToken) || null;
     },
 };
 
@@ -2243,8 +2225,7 @@ const appServiceMsi2019 = {
             // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
             allowInsecureConnection: true }));
         const tokenResponse = await identityClient.sendTokenRequest(request);
-        return ((tokenResponse && Object.assign(Object.assign({}, tokenResponse.accessToken), { refreshesOn: tokenResponse.refreshesIn })) ||
-            null);
+        return (tokenResponse && tokenResponse.accessToken) || null;
     },
 };
 
@@ -2386,13 +2367,9 @@ class ManagedIdentityCredential {
                                 const expiresInSeconds = (resultToken === null || resultToken === void 0 ? void 0 : resultToken.expiresOnTimestamp)
                                     ? Math.floor((resultToken.expiresOnTimestamp - Date.now()) / 1000)
                                     : 0;
-                                const refreshInSeconds = (resultToken === null || resultToken === void 0 ? void 0 : resultToken.refreshesOn)
-                                    ? Math.floor((resultToken.refreshesOn - Date.now()) / 1000)
-                                    : 0;
                                 return {
                                     accessToken: resultToken === null || resultToken === void 0 ? void 0 : resultToken.token,
                                     expiresInSeconds,
-                                    refreshInSeconds,
                                 };
                             }
                             else {
@@ -2400,7 +2377,6 @@ class ManagedIdentityCredential {
                                 return {
                                     accessToken: "no_access_token_returned",
                                     expiresInSeconds: 0,
-                                    refreshInSeconds: 0,
                                 };
                             }
                         });